Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

There is no guarantee that anything related to the source or destination MAC address of a packet will appear in, for example, the IPv4 or IPv6 headers of a packet. If you're fetching a web page from some server halfway around the world, the MAC address of that server (if it has one) has long since been lost in the process of routing the packet to the machine on which you're running your browser.

I.e., SJC-efz.ms-acdc.office.com and 4662-JBH.JBHenderson.local are not necessarily on the same LAN segment, or on on LAN that are bridged together, so there may be one or more routers between them through which the IPv4 packet in question was sent. 4130-JBH.JBHenderson.local is probably one such router - and is probably on your network, given that its name is very similar to the name of the machine that received the packet.

I.e., it may be the name of a DSL or cable modem, or firewall, or some such device. Wireshark's OUI lookup tool shows that the first 3 bytes of the device's MAC address, 2c:b8:ed, belong to a company named SonicWall, who make hardware and software to provide cybersecurity, so there's probably a SonicWall device on your network that's inspecting traffic between machines on your network and the Internet.